Entry Xie:2008:TMS from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017                Valid HTML 3.2!

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Xie:2008:TMS,
  author =       "Mengjun Xie and Heng Yin and Haining Wang",
  title =        "Thwarting {E}-mail Spam Laundering",
  journal =      j-TISSEC,
  volume =       "12",
  number =       "2",
  pages =        "13:1--13:??",
  month =        dec,
  year =         "2008",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/1455518.1455525",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Tue Dec 23 11:58:14 MST 2008",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "Laundering e-mail spam through open-proxies or
                 compromised PCs is a widely-used trick to conceal real
                 spam sources and reduce spamming cost in the
                 underground e-mail spam industry. Spammers have plagued
                 the Internet by exploiting a large number of spam
                 proxies. The facility of breaking spam laundering and
                 deterring spamming activities close to their sources,
                 which would greatly benefit not only e-mail users but
                 also victim ISPs, is in great demand but still missing.
                 In this article, we reveal one salient characteristic
                 of proxy-based spamming activities, namely packet
                 symmetry, by analyzing protocol semantics and timing
                 causality. Based on the packet symmetry exhibited in
                 spam laundering, we propose a simple and effective
                 technique, DBSpam, to online detect and break spam
                 laundering activities inside a customer network.
                 Monitoring the bidirectional traffic passing through a
                 network gateway, DBSpam utilizes a simple statistical
                 method, Sequential Probability Ratio Test, to detect
                 the occurrence of spam laundering in a timely manner.
                 To balance the goals of promptness and accuracy, we
                 introduce a noise-reduction technique in DBSpam, after
                 which the laundering path can be identified more
                 accurately. Then DBSpam activates its spam suppressing
                 mechanism to break the spam laundering. We implement a
                 prototype of DBSpam based on {\em libpcap}, and
                 validate its efficacy on spam detection and suppression
                 through both theoretical analyses and trace-based
                 experiments.",
  acknowledgement = ack-nhfb,
  articleno =    "13",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
  keywords =     "proxy; Spam; SPRT",
}

Related entries